Federal agencies are warning of potential ransomware attacks targeted at U.S. organizations ahead of Labor Day weekend following cyberattacks during previous holidays this year.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued an alert outlining their concerns, noting that while there was no intelligence around specific threats, other holiday weekends had given cybercriminals opportunities for attacks.
“Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months,” the agencies wrote in the alert. “The FBI and CISA do not currently have specific information regarding cyber threats coinciding with upcoming holidays and weekends.”
“Cyber criminals, however, may view holidays and weekends — especially holiday weekends — as attractive timeframes in which to target potential victims, including small and large businesses,” the agencies stressed. “In some cases, this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”
The alert was issued following multiple high-profile ransomware attacks in recent months, including the ransomware attack by Russian-based cybercriminal group DarkSide on Colonial Pipeline just prior to Mother’s Day weekend in May. The attack led to gas shortages in multiple states, disrupting a key supply chain for the East Coast.
Weeks later, meat producer JBS USA was the target of a ransomware attack carried out by Russian-based group REvil during Memorial Day weekend. An attack by the same group was carried out against software company Kaseya during the Fourth of July holiday weekend.
The ransomware attack on Kaseya impacted up to 1,500 companies, while the attack on JBS temporarily threatened U.S. meat supply chains.
The FBI’s Internet Crime Complaint Center reported a 20 percent increase in ransomware attacks between 2019 and 2020 and a 225 percent increase in ransom demands. Overall, the FBI tracked a loss of almost $17 million due to reported ransomware attacks between January and the end of July this year alone.
“Ransomware continues to be a national security threat and a critical challenge, but it is not insurmountable,” Eric Goldstein, executive assistant director for cybersecurity at CISA, said in a statement Tuesday.
“With our FBI partners, we continue to collaborate daily to ensure we provide timely, useful and actionable advisories that help industry and government partners of all sizes adopt defensible network strategies and strengthen their resilience,” Goldstein said. “All organizations must continue to be vigilant against this ongoing threat.”
Due to the ongoing ransomware attacks, which have also been targeted at schools and hospitals increasingly during the COVID-19 pandemic, the Biden administration has zeroed in on addressing the threat.
The Justice Department in April announced the establishment of its Ransomware and Digital Extortion Task Force to strengthen the agency’s ability to respond to ransomware attacks, while Homeland Security Secretary Alejandro MayorkasAlejandro MayorkasJohns Hopkins to launch degree program in cybersecurity and policy The Hill's Morning Report - Presented by Altria - New front in mandate wars; debt bill heads to Biden DHS to end workplace raids, shift focus to employers over undocumented workers MORE announced earlier this year that the Department of Homeland Security would prioritize addressing ransomware threats.